TITLE OF THE INVENTION 

COMMUNICATIONS CONTROL METHOD, RELAYING METHOD AND RELAYING 
DEVICE 

BACKGROUND OF THE INVENTION 
5 Technical Field 

The present invention relates to communications control 
systems between computers on the Internet and computers 
connected to the Internet insulated by firewalls. 
Description of Related Art 

10 Take for example Internet telephony using, e.g., Internet 

telephone terminals on the Internet, and internet telephone 
terminals connected to the Internet insulated by firewalls . 
Port numbers are used in Internet telephony to distinguish among 
a plurality of voice communications. Therefore, to let voice 

15 data from an Internet telephony application pass, the 
considerably broadband RTP/UDP (Real-time Transport 
Protocol/User Datagram Protocol) port number must be set for 
passing the firewall. 

In transmitting/receiving voice and animation, UDP (User 

20 Datagram Protocol) is generally used, in a situation where a 
plurality of communications are carried out using UDP, it is 
necessary either: 1) to allocate a port to every communication; 
or 2) to assign a data-allotting application to a single port 
and enter in the data section information for distinguishing 

25 communications, and with allotting software to interpret— by 



derivation from information such as IP address and port number 
of the packet-sending source-and distribute the data to a 
program that actually processes the data. 

In Internet telephony via firewalls, communications are 
carried out according to the VoIP protocol, and voice data is 
transmitted/received using UDP. In a situation where, for 
example, a telephone company is to offer Internet telephony 
services, if 100 calls are to be supported simultaneously on a 
computer terminal at the telephone company, 200 port numbers 
will be necessary. This is because two ports, receiving and 
sending, are required for one call with UDP. Because there are 
many security problems with this, however, in reality it is hard 
to adopt . 

On the other hand, using an exchange device to let voice 
data pass without opening a hole in the firewall is conceivable. 
The firewall may be avoided if an exchange device is utilized, 
since the Internet and Intranet connect via the exchange device. 
Put differently, the firewall can be avoided by installing a 
non-IP section on the firewall section. Nevertheless, in 
addition to the high cost of the exchange device, delays arise 
with this method in the data exchange between the Internet and 
the exchange device, and between the Intranet and the exchange 
device. Therefore, this method, by which two exchanges are 
necessary between the two ends of the communications line, is 
undesirable owing to a severe worsening in voice quality. 



SUMMARY OF THE INVENTION 

An object of the present invention is to provide 
communications control technology for combining sufficient 
security compatibly with sufficient data quality in telephonic 
5 communications . 

The present invention provides a communications control 
method utilized in a communications system in which a first 
communications terminal Tl, a second communications terminal T2, 
and a relaying terminal that relays communications by the two 
10 terminals are connected via a network. The communications 
control method includes : 

a first determination step, prior to the first 
communications terminal Tl and the second communications 
terminal T2 carrying out communications via the relaying 
15 terminal, of the first communications terminal Tl determining 
first communications identification information SI for 
identifying intercommunications between its terminal and the 
relaying terminal; 

a second determination step, prior to the first 
20 communications terminal Tl and the second communications 
terminal T2 carrying out communications via the relaying 
terminal, of the relaying terminal determining second 
communications identification information S2 for identifying 
intercommunications between its terminal and the first 
25 communications terminal Tl; 



a third determination step, prior to the first 
communications terminal Tl and the second communications 
terminal T2 carrying out communications via the relaying 
terminal, of the relaying terminal determining third 
5 communications identification information S3 for identifying 
intercommunications between its terminal and the second 
communications terminal T2 ; 

a fourth determination step, prior to the first 
communications terminal Tl and the second communications 

10 terminal T2 carrying out communications via the relaying 

terminal, of the second communications terminal T2 determining 
fourth communications identification information S4 for 
identifying intercommunications between its terminal and the 
relaying terminal; 

15 a first communications step of the first communications 

terminal Tl and the relaying terminal carrying out transmission 
and reception of first data containing the first communications 
identification information SI and the second communications 
identification information S2; 

20 a second communications step of the second communications 

terminal T2 and the relaying terminal carrying out transmission 
and reception of second data containing the third communications 
identification information S3 and the fourth communications 
identification information S4; 

25 a first relaying step, when the relaying terminal is to 



transmit to the second communications terminal T2 first data 
received from the first communications terminal Tl, of rewriting 
within the first data the first communications identification 
information SI and the second communications identification 
5 information S2 as the third communications identification 
information S3 and the fourth communications identification 
information S4; and 

a second relaying step, when the relaying terminal is to 
transmit to the first communications terminal Tl data received 

10 from the second communications terminal T2 , of rewriting within 
the data the third communications identification information S3 
and the fourth communications identification information S4 as 
the first communications identification information SI and the 
second communications identification information S2 . 

15 This communications control method is utilized in 

communications among for example a first communications 
terminal Tl on the Internet, a second communications terminal 
T2 on an Intranet, and a gateway that connects the Internet and 
the Intranet. The first communications terminal Tl and the 

20 gateway, and the second communications terminal T2 and the 
gateway mutually report communications identification 
information (referred to as "session IDs" hereinafter) among one 
another, and transmit and receive session IDs for their 
terminals and partner terminals, together with data. This 

25 enables, while a plurality of communications are supported 
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through a single port, each communication to be identified by- 
session ID. 

A second aspect of the present invention provides a 
relaying method utilized by a relaying terminal that is 
5 connected via a network with a first communications terminal Tl 
and a second communications terminal T2, and that relays 
communications between the two terminals . The relaying method 
includes : 

a first determination step of determining second 
10 communications identification information S2 identifying a 
communication carried out with the first communications 
terminal Tl for relaying communications between the first 
communications terminal Tl and the second communications 
terminal T2 ; 

15 a second determination step of determining third 

communications identification information S3 for identifying a 
communication carried out with the second communications 
terminal T2 for relaying communications between the first 
communications terminal Tl and the second communications 

20 terminal T2; 

a first communications step of carrying out with the first 
communications terminal Tl transmission and reception of data 
containing the second communications identification 
information S2; 

25 a second communications step of carrying out with the 



second communications terminal T2 transmission and reception of 
data containing the third communications identification 
information S3; 

a first relaying step of rewriting, when data received from 
5 the first communications terminal Tl is to be transmitted to the 
second communications terminal T2 , the second communications 
identification information S2 within the data as the third 
communications identification information S3; and 

a second relaying step of rewriting, when data received 

10 from the second communications terminal T2 is to be transmitted 
to the first communications terminal Tl, the third 
communications identification S3 within the data as the second 
communications identification information S2 . 

This method is applicable to gateways connected between the 

15 Internet and an Intranet. With this method, utilizing 

communications identification information (referred to as 
"session IDs " hereinafter), a relaying device identifies 
communications with other terminals. Relaying of 
communications from the first communications terminal Tl and 

20 second communications terminal T2 is carried out as follows. 
When data containing session ID "S2" is received from the first 
communications terminal Tl, the session ID in the data is 
rewritten as "S3," and the data is transmitted to the second 
communications terminal T2 . Conversely, when data containing 

25 session ID "S3" is received from the second communications 



terminal T2, the session ID in the data is rewritten as "S2," 
and the data is transmitted to the first communications terminal 
Tl. 

A third aspect of the present invention provides the 
5 relaying method set forth in the second aspect. The relaying 
methods further includes: 

a first acquisition step of acquiring first communications 
identification information SI identifying a communication that 
the first communications terminal Tl carries out with the 
10 relaying terminal in order to communicate with the second 
communications terminal T2 ; 

a second acquisition step of acquiring fourth 
communications identification information S4 identifying a 
communication that the second communications terminal T2 
15 carries out with the relaying terminal in order to communicate 
with the first communications terminal Tl ; wherein 

the first communications step carries out with the first 
communications terminal Tl transmission and reception of data 
further containing the first communications identification 
20 information Si, 

the second communications step carries out with second 
communications terminal T2 transmission and reception of data 
further containing the fourth communications identification 
information S4 , 

25 the first relaying step, when data received from the first 



communications terminal Tl is to be transmitted to the second 
communications terminal T2 , rewrites within the data the first 
communications identification information Si and the second 
communications identification information S2 as the third 
5 communications identification information S3 and the fourth 
communications identification information S4, and 

the second relaying step, when data received from the 
second communications terminal T2 is to be transmitted to the 
first communications terminal Tl, rewrites within the data the 
10 third communications identification information S3 and the 
fourth communications identification information S4 as the 
first communications identification information SI and the 
second communications identification information S2. 

Under this method, every terminal possesses session IDs 
15 that identify communications between other terminals and their 
terminals. Communications between terminals are specified by 
combining the two terminals' session IDs. This method is also 
applicable to multi-stage relaying. 

A fourth aspect of the present invention provides the 
20 relaying method set forth in the second aspect. The relaying 
method further includes a table-preparation step of preparing 
a session table; wherein 

within a single record the session table: 

stores the first communications identification 
25 information SI and second communications identification 



information S2 correlatively with a communications address 
for the first communications terminal Tl, and 

stores the third communications identification 
information S3 and the fourth communications 
5 identification information S4 correlatively with a 

communications address for the second communications 
terminal T2 . 

Specifically, the relaying terminal prepares in the 
session table entries for relaying communications by the first 
10 communications terminal Tl and second communications terminal 
T2 - Si, S2, S3, S4, and IP addresses for the first communications 
terminal Tl and second communications terminal T2 are written 
into the entries . 

A fifth aspect of the present invention provides the 
15 relaying method set forth in the fourth aspect. The relaying 
method further includes : 

a termination receiving step of accepting notification 
that communications between the first communications terminal 
Tl and the second communications terminal T2 have terminated; 
2 0 and 

a deletion step of deleting from the session table & record 
corresponding to communications between the first 
communications terminal Tl and the second communications 
terminal T2 . 

25 When the relaying terminal accepts the communication 



termination notice, it deletes from the session table the 
entries pertaining to the communications . 

A sixth aspect of the present invention provides the 
relaying method set forth in the second aspect, wherein the 
5 relaying terminal is further connected with a computer terminal 
connected via the network to the first communications terminal 
Tl and the second communications terminal T2 . The relaying 
method further includes : 

a communications -request receiving step of receiving from 
10 the computer terminal a report indicating that there has been 
a request from the first communications terminal Tl for 
communication with the second communications terminal T2; 

a first notification step of reporting the second 
communications identification information S2 to the first 
15 communications terminal Tl via the computer terminal; and 

a second notification step of reporting the third 
communications identification information S3 to the second 
communications terminal T2 via the computer terminal. 

The relaying terminal in this method is further connected 
20 with a separate computer (gatekeeper). Communication-request 
generation and session ID notification are carried out via the 
gatekeeper. Session ID notification from the first 
communications terminal Tl and second communications terminal 
T2 is received via the gatekeeper also. 
25 A seventh aspect of the present invention provides the 



relaying method set forth in the sixth aspect. The relaying 
method further includes: 

a third acquisition step of acquiring from the computer 
first communications identification information SI identifying 
5 a communication that the first communications terminal Tl 

carries out with the relaying terminal in order to communicate 
with the second communications terminal T2; 

a fourth acquisition step of acquiring from the computer 
fourth communications identification information S4 
10 identifying a communication that the second communications 

terminal T2 carries out with the relaying terminal in order, to 
communicate with the first communications terminal Tl; wherein 
the first communications step carries out with the first 
communications terminal Tl transmission and reception of data 
15 further containing the first communications identification 
information SI, 

the second communications step carries out with second 
communications terminal T2 transmission and reception of data 
further containing the fourth communications identification 
20 information S4, 

the first relaying step, when data received from the first 
communications terminal Tl is to be transmitted to the second 
communications terminal T2, rewrites within the data the first 
communications identification information Si and the second 
25 communications identification information S2 as the third 
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communications identification information S3 and the fourth 
communications identification information S4 , and 

the second relaying step, when data received from the 
second communications terminal T2 is to be transmitted to the 
5 first communications terminal Tl , rewrites within the data the 
third communications identification information S3 and the 
fourth communications identification information S4 as the 
first communications identification information SI and the 
second communications identification information S2 . 

10 The relaying terminal acquires session ID "SI" for first 

communications terminal Tl, and session ID "S4" for second 
communications terminal T2 via the aforementioned gatekeeper. 
After acquisition of the session IDs, relaying of communications 
by the two terminals Tl, T2 takes place, without the gatekeeper 

15 intermediating. 

An eighth aspect of the present invention provides the 
relaying method set forth in the sixth aspect. The relaying 
method further includes : 

an alive-confirmation step of transmitting to and 

20 receiving from the computer terminal at fixed time intervals TMl 
alive information signifying one's terminal is alive; and 

a suspend step of suspending relaying of communications 
between the first communications terminal Tl and the second 
communications terminal T2 if the alive information has not been 

25 received from the computer terminal though a fixed time TM2 or 



more has elapsed. 

The relaying terminal immediately suspends relaying 
operations if the gatekeeper (aforementioned computer terminal) 
is down. 

5 A ninth aspect of the present invention provides a relaying 

device connected via a network with a first communications 
terminal Tl and a second communications terminal T2 , for 
relaying communications between the two terminals . The relaying 
device comprises: 

10 a first determination means for determining second 

communications identification information S2 identifying a 
communication carried out with the first communications 
terminal Tl for relaying communications between the first 
communications terminal Tl and the second communications 

15 terminal T2; 

a second determination means for determining third 
communications identification information S3 identifying a 
communication carried out with the second communications 
terminal T2 for relaying communications between the first 

20 communications terminal Tl and the second communications 
terminal T2; 

a first communications means for carrying out with the 
first communications terminal Tl transmission and reception of 
data containing the second communications identification 
25 information S2; 



a second communications means for carrying out with the 
second communications terminal T2 transmission and reception of 
data containing the third communications identification 
information S3; 

5 a first relaying means for rewriting, when data received 

from the first communications terminal Tl is to be transmitted 
to the second communications terminal T2 , the second 
communications identification information S2 within the data as 
the third communications identification information S3; and 

10 a second relaying means for rewriting, when data received 

from the second communications terminal T2 is to be transmitted 
to the first communications terminal Tl , the third 
communications identification S3 within the data as the second 
communications identification information S2. 

15 A tenth aspect of the present invention provides a relaying 

computer product utilized by a computer connected via a network 
with a first communications terminal Tl and a second 
communications terminal T2, for relaying communications between 
the two terminals, the relaying computer product for making the 

2 0 computer function as: 

a first determination means for determining second 
communications identification information S2 identifying a 
communication carried out with the first communications 
terminal Tl for relaying communications between the first 

25 communications terminal Tl and the second communications 
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terminal T2; 

a second determination means for determining third 
communications identification information S3 identifying a 
communication carried out with the second communications 
5 terminal T2 for relaying communications between the first 
communications terminal Tl and the second communications 
terminal T2; 

a first communications means for carrying out with the 
first communications terminal Tl transmission and reception of 
10 data containing the second communications identification 
information S2 ; 

a second communications means for carrying out with the 
second communications terminal T2 transmission and reception of 
data containing the third communications identification 
15 information S3; 

a first relaying means for rewriting, when data received 
from the first communications terminal Tl is to be transmitted 
to the second communications terminal T2, the second 
communications identification information S2 within the data as 
20 the third communications identification information S3; and 
a second relaying means for rewriting, when data received 
from the second communications terminal T2 is to be transmitted 
to the first communications terminal Tl , the third 
communications identification S3 within the data as the second 
25 communications identification information S2 . 



An eleventh aspect of the present invention provides a 
computer-readable recording medium on which is recorded a 
relaying program utilized by a relaying terminal that is 
connected via a network with a first communications terminal Tl 
5 and a second communications terminal T2, and that relays 

communications between the two terminals , the computer-readable 
recording medium on which is recorded a relaying program for 
executing: 

a first determination step of determining second 
10 communications identification information S2 identifying a 
communication carried out with the first communications 
terminal Tl for relaying communications between the first 
communications terminal Tl and the second communications 
terminal T2; 

15 a second determination step of determining third 

communications identification information S3 for identifying a 
communication carried out with the second communications 
terminal T2 for relaying communications by the first 
communications terminal Tl and the second communications 

20 terminal T2; 

a first communications step of carrying out with the first 
communications terminal Tl transmission and reception of data 
containing the second communications identification 
information S2; 

25 a second communications step of carrying out with the 



second communications terminal T2 transmission and reception of 
data containing the third communications identification 
information S3 ; 

a first relaying step of rewriting, when data received from 
5 the first communications terminal Tl is to be transmitted to the 
second communications terminal 12, the second communications 
identification information S2 within the data as the third 
communications identification information S3 ; and 

a second relaying step of rewriting, when data received 
10 from the second communications terminal T2 is to be transmitted 
to the first communications terminal Tl, the third 
communications identification S3 within the data as the second 
communications identification information S2. 

Herein, flexible disks, hard disks, semiconductor memory, 
15 CD-ROMs, DVDs, magneto-optical disks (MOs) and other recording 
media for computer reading/writing may be cited. 

A twelfth aspect of the present invention provides a 
communications control method utilized by a computer connected 
via a network to a first communications terminal Tl , a second 
20 communications terminal T2 and a relaying terminal that relays 
communications between the two terminals. The communications 
control method includes : 

a communication-request acceptance step of accepting from 
the first communications terminal Tl a request for communication 
25 with the second communications terminal T2; 



a request notification step of notifying the second 
communications terminal T2 of the communication request; 

a first reporting step of receiving from the first 
communications terminal Tl and reporting to the relaying 
5 terminal first communications identification information SI 
identifying a communication that the first communications 
terminal Tl carries out with the relaying terminal; 

a second reporting step of notifying the relaying terminal 
of the communications request, and receiving from the relaying 

10 terminal and reporting to the first communications terminal Tl 
second communications identification information S2 for 
identifying a communication that the relaying terminal carries 
out with the first communications terminal Tl ; 

a third reporting step of notifying the relaying terminal 

15 of the communications request, and receiving from the relaying 
terminal and reporting to the second communications terminal T2 
third communications identification information S3 for 
identifying a communication that the relaying terminal carries 
out with the second communications terminal T2; and 

20 a fourth reporting step of receiving from the second 

communications terminal T2 and reporting to the relaying 
terminal fourth communications identification information S4 
identifying a communication that the second communications 
terminal T2 carries out with the relaying terminal. 

25 This method is applicable to gatekeepers connected between 



the internet and an intranet. 

A thirteenth aspect of the present invention provides the 

communications control method set forth in the twelfth aspect, 

further including a table-preparation step of preparing a 

session table; wherein 

within a single record the session table: 

stores the first communications identification 
information SI and second communications identification 
information S2 correlatively with a communications address 
for the first communications terminal Tl, and 

stores the third communications identification 
information S3 and the fourth communications 
identification information S4 correlatively with a 
communications address for the second communications 
terminal T2 . 

Specifically, the gatekeeper (aforementioned computer) 
prepares in the session table entries for relaying 
communications by the first communications terminal Tl and 
second communications terminal T2 . SI, S2, S3, S4, and IP 
addresses for the first communications terminal Tl and second 
communications terminal T2 are written into the entries. 

A fourteenth aspect of the present invention provides the 
communications control method set forth in the thirteenth aspect. 
The communication control method further includes : 

a termination receiving step of accepting notification 



that communications between the first communications terminal 
Tl and the second communications terminal Second communications 
terminal T2 have terminated; and 

a deletion step of deleting from the session table records 
5 corresponding to communications between the first 

communications terminal Tl and the second communications 
terminal T2 . 

When the gatekeeper accepts the communication termination 

notice from the first communications terminal Tl or the second 
10 communications terminal T2 , it deletes from the session table 

the entries pertaining to those communications. 

A fifteenth aspect of the present invention provides the 

communications control method set forth in the twelfth aspect. 

The communications control method further includes : 
15 an alive-recognition step of transmitting to and receiving 

from the computer terminal at fixed time intervals TMl alive 

information signifying one's terminal is alive; 

a termination reporting step of transmitting a 

communications termination notice to the first communications 
20 terminal Tl, the second communications terminal T2, and the 

relaying terminal if the alive information has not been received 

from the computer terminal though a fixed time TM2 or more has 

elapsed; and 

cut-off step after transmission of the communications 
2 5 termination notice, of breaking the connection with the first 



communications terminal Tl, the second communications terminal 
T2 , and the relaying terminal . 

A sixteenth aspect of the present invention provides a 
communications control device connected via a network to a first 
5 communications terminal Tl , a second communications terminal T2 , 
and a relaying terminal that relays communications between the 
two terminals. The communications control device comprises: 
a communication-request acceptance means for accepting 
from the first communications terminal Tl a request for 
10 communication with the second communications terminal T2; 

a request notification means for notifying the second 
communications terminal T2 of the communication request; 

a first reporting means for receiving from the first 
communications terminal Tl and reporting to the relaying 
15 terminal first communications identification information SI 
identifying a communication that the first communications 
terminal Tl carries out with the relaying terminal; 

a second reporting means for notifying the relaying 
terminal of the communications request, and receiving from the 
20 relaying terminal and reporting to the first communications 
terminal Tl second communications identification information S2 
for identifying a communication that the relaying terminal 
carries out with the first communications terminal Tl ; 

a third reporting means for notifying the relaying terminal 
25 of the communications request, and receiving from the relaying 



terminal and reporting to the second communications terminal T2 
third communications identification information S3 for 
identifying a communication that the relaying terminal carries 
out with the second communications terminal T2 ; and 

5 a fourth reporting means for receiving from the second 

communications terminal T2 and reporting to the relaying 
terminal fourth communications identification information S4 
identifying a communication that the second communications 
terminal T2 carries out with the relaying terminal. 

10 A seventeenth aspect of the present invention provides a 

communications control computer product utilized by a computer 
connected via a network to a first communications terminal Tl, 
a second communications terminal T2 , and a relaying terminal 
that relays communications between the two terminals, the 

15 communications control computer product for making the computer 
function as: 

a communication-request acceptance means for accepting 
from the first communications terminal Tl a request for 
communication with the second communications terminal T2 ; 
20 a request notification means for notifying the second 

communications terminal T2 of the communication request; 

a first reporting means for receiving from the first 
communications terminal Tl and reporting to the relaying 
terminal first communications identification information Si 
25 identifying a communication that the first communications 



terminal Tl carries out with the relaying terminal; 

a second reporting means for notifying the relaying 
terminal of the communications request, and receiving from the 
relaying terminal and reporting to the first communications 
5 terminal Tl second communications identification information S2 
for identifying a communication that the relaying terminal 
carries out with the first communications terminal Tl; 

a third reporting means for notifying the relaying terminal 
of the communications request, and receiving from the relaying 
10 terminal and reporting to the second communications terminal T2 
third communications identification information S3 for 
identifying a communication that the relaying terminal carries 
out with the second communications terminal T2; and 

a fourth reporting means for receiving from the second 
- 15 communications terminal T2 and reporting to the relaying 

terminal fourth communications identification information S4 
identifying a communication that the second communications 
terminal T2 carries out with the relaying terminal. 

An eighteenth aspect of the present invention provides a 
20 computer-readable recording medium on which is recorded a 

communications control program utilized by a computer connected 
via a network to a first communications terminal Tl , a second 
communications terminal T2, and a relaying terminal that relays 
communications between the two terminals , the computer-readable 
25 recording medium on which is recorded a communications control 
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program for executing: 

a communication-request acceptance step of accepting from 
the first communications terminal Tl a request for communication 
with the second communications terminal T2; 
5 a request notification step of notifying the second 

communications terminal T2 of the communication request; 

a first reporting step of receiving from the first 
communications terminal Tl and reporting to the relaying 
terminal first communications identification information SI 
10 identifying a communication that the first communications 
terminal Tl carries out with the relaying terminal; 

a second reporting step of notifying the relaying terminal 
of the communications request, and receiving from the relaying 
terminal and reporting to the first communications terminal Tl 
15 second communications identification information S2 for 

identifying a communication that the relaying terminal carries 
out with the first communications terminal Tl ; 

a third reporting step of notifying the relaying terminal 
of the communications request, and receiving from the relaying 
20 terminal and reporting to the second communications terminal T2 
third communications identification information S3 for 
identifying a communication that the relaying terminal carries 
out with the second communications terminal T2; and 

a fourth reporting step of receiving from the second 
25 communications terminal T2 and reporting to the relaying 



terminal fourth communications identification information S4 
identifying a communication that the second communications 
terminal T2 carries out with the relaying terminal. 

Herein, flexible disks, hard disks, semiconductor memory, 
5 CD-ROMs, DVDs, magneto-optical disks (MOs) and other recording 
media for computer reading/writing may be cited. 

A nineteenth aspect of the present invention provides a 
communications control method utilized by a first 
communications terminal Tl connectable via a network with a 
10 second communications terminal T2 . The communications control 
method includes: 

a reporting step of reporting to the second communications 
terminal T2 first communications identification information SI 
identifying communications between the second communications 
15 terminal T2 and the first communications terminal Tl; 

a receiving step of receiving from the second 
communications terminal T2 second communications 
identification information S2 that the second communications 
terminal T2 uses for identifying communication with the first 
20 communications terminal Tl; and 

a communications step of communicating with the second 
communications terminal T2 by carrying out transmission and 
reception of data containing the first communications 
identification information SI and second communications 
25 identification information S2. 



This method is applicable to the first and second 
communications terminals Tl, T2, the relaying terminal 
(gateway) in the foregoing first invention, and the computer 
(gatekeeper) in the foregoing sixth invention. Though the 
5 terminals connected through the network are multi-stage 
connected, neighboring terminal associates report mutual 
communications sessions to each other prior to the start of 
communications , and identify communications by combining the 
mutual communications sessions. 

10 A twentieth aspect of the present invention provides a 

first communications terminal Tl connectable via a network with 
a second communications terminal T2 . The first communications 
terminal comprises: 

a reporting means for reporting to the second 

15 communications terminal T2 first communications identification 
information SI identifying communications between the second 
communications terminal T2 and the first communications 
terminal Tl ; 

a receiving means for receiving from the second 
20 communications terminal T2 second communications 

identification information S2 that the second communications 
terminal T2 uses for identifying communication with the first 
communications terminal Tl ; and 

a communications means for communicating with the second 
25 communications terminal T2 by carrying out transmission and 



reception of data containing the first communications 
identification information SI and second communications 
identification information S2 . 

A twenty-first aspect of the present invention provides a 
5 communications control computer product making a computer 

function as a first communications terminal Tl connectable via 
a network with a second communications terminal T2 , the 
communications control computer product further for making the 
computer function as : 
10 a reporting means for reporting to the second 

communications terminal T2 first communications identification 
information SI identifying communications between the second 
communications terminal T2 and the first communications 
terminal Tl ; 

15 a receiving means for receiving from the second 

communications terminal T2 second communications 
identification information S2 that the second communications 
terminal T2 uses for identifying communication with the first 
communications terminal Tl ; and 

20 a communications means for communicating with the second 

communications terminal T2 by carrying out transmission and 
reception of data containing the first communications 
identification information Si and second communications 
identification information S2. 

25 A twenty-second aspect of the present invention provides 



a computer-readable recording medium on which is recorded a 
communications control program for executing a communications 
control method utilized by a first communications terminal Tl 
connectable via a network with a second communications terminal 
5 T2, the computer-readable recording medium on which is recorded 
a communications control program for executing: 

a reporting step of reporting to the second communications 
terminal T2 first communications identification information SI 
identifying communications between the second communications 
10 terminal T2 and the first communications terminal Tl; 

a receiving step of receiving from the second 
communications terminal T2 second communications 
identification information S2 that the second communications 
terminal T2 uses for identifying communication with the first 
15 communications terminal Tl; and 

a communications step of communicating with the second 
communications terminal T2 by carrying out transmission and 
reception of data containing the first communications 
identification information Si and second communications 
20 identification information S2 . 

Herein, flexible disks, hard disks, semiconductor memory, 
CD-ROMs, DVDs, magneto-optical disks (MOs) and other recording 
media for computer reading/writing may be cited. 

A twenty-third aspect of the present invention provides a 
25 communications method for when, via a secure host defending 



against wrongful access from without , internal terminal devices 
connected to a network on the inside of the secure host and 
external terminal devices connected to a network on the outside 
carry out voice communications . The communications method is 
5 characterized by: 

accepting by way of the secure host, from outside the secure 
host, a call request from an external terminal device to a 
connectable internal terminal device, or accepting by way of the 
secure host, from inside the secure host, a call request from 
10 an internal terminal device to a connectable external terminal 
device; 

when a call between the external terminal device and the 
internal terminal device is established, reporting to the two 
terminal devices a path readied in advance for transmitting and 

15 receiving voice data, and communications identification 

information for distinguishing what is voice data between the 
terminal devices, and meanwhile storing terminal-device 
information identifying the two terminal devices, correlatively 
with the communications identification information reported to 

20 the two terminal devices; 

when the secure host has received form the external 
terminal device or the internal terminal device voice data 
containing the communications identification information, 
specifying, from the terminal-device information stored 

25 correlatively with the communications identification 
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information, a communications-destination terminal device for 
the voice data, and sending out received voice data to the 
specified terminal device. 

From the following detailed description in conjunction 
5 with the accompanying drawings, the foregoing and other objects, 
features, aspects and advantages of the present invention will 
become readily apparent to those skilled in the art. 
BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1 is an overall conf igurational diagram of a 
10 communications control system having to do with a first embodied 
example of the present invention; 

Fig. 2 is an explanatory diagram of a relay routine that 
the gateway carries out; 

Fig. 3A is a First session table (caller terminal); 
15 Fig. 3B is a second session table (receiver terminal); 

Fig. 3C is a third session table (gateway); 

Fig. 4 is an explanatory diagram illustrating flow in a 
routine for calling; 

Fig. 5 is an explanatory diagram illustrating flow in a 
20 routine for terminating communications; 

Fig. 6 is an overall conf igurational diagram of 
communications control system having to do with a second 
embodied example; and 

Fig. 7 is an overall conf igurational diagram of 
25 communications control system having to do with a third embodied 



example . 

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS 
First Embodied Example 

To facilitate illustration, in the following explanation 
5 will be made taking voice-communications control on the internet 
in accordance with TCP/IP (Transmission Control 
Protocol /Internet Protocol) as an example. 
Configuration 

Fig. 1 is a communications control system having to do with 

10 a first embodied example of the present invention. Caller 
terminal la on the Internet 5 and receiver terminal lb on an 
Intranet 6 are connected via VoIP gatekeeper 2 (gatekeeper 2 
hereinafter) and VoIP gateway 3 (gateway 3 hereinafter) in this 
communications control system. The gatekeeper 2 and gateway 3 

15 are disposed on a DMZ (Demilitarized Zone) network. Here, the 
DMZ network is utilized for disposing servers such as, 
ordinarily, WWW servers and mail servers for external /public 
services. Devices on the DMZ network and the Intranet 6 are 
ordinarily protected by two defense means, firewalls 4a, 4b. The 

20 gatekeeper 2 administers voice communications on the DMZ network, 
and the gateway 3 is used to transfer voice packets. 

The caller terminal la and the receiver terminal lb have 
not-shown voice input means and voice output means, and are 
communications terminals for carrying out voice communications 

25 based on VoIP (Voice-over Internet Protocol). The caller 
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terminal la and receiver terminal lb, prior to initiating 
communications with another terminal, determine a session ID 
that specifies direct communications with that terminal, and 
report this to the given communications partner. Further, the 
caller terminal la and the receiver terminal lb receive from the 
gatekeeper 2, and temporarily store, a session ID used for 
specifying communications by the given communications partner 
with their terminals. The session IDs are stored in a first 
session table (Fig 3(a)) and a second session table (Fig 3(b)), 
respectively. These tables will be described later. 
Furthermore, the caller terminal la and the receiver terminal 
lb annex session IDs, for their terminals and the direct 
communications partner, to each voice packet, which they send. 
The created session IDs should be produced within each device 
so as not to be duplicates; and may be created, for example, based 
on the communications addresses for the direct communications 
partner and their terminals, or else created using random-number 
generation means. 

The gatekeeper 2 negotiates with the gateway 3 before the 
start of voice communications to determine information required 
for the voice data to pass through the firewall. Herein, the 
gateway 3 determines a session ID that identifies the voice 
telephone calls between the caller terminal la and the receiver 
terminal lb, and a port number that the gateway 3 uses for sending 
or receiving the voice data. Here, whether it is the gateway 
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3 or the gatekeeper 2 that makes the session ID determination 
does not matter, but in the present embodied example, the 
gatekeeper 2 does so. The created session IDs should be produced 
within each device so as not to be duplicates; and may be created, 
5 for example, based on the communications addresses for the 
direct communications partner and their terminals, or else 
created using random-number generation means. 

Further, the gatekeeper 2 prepares a fourth session table 
and herein stores information necessary for the gateway 3 to 

10 relay communications between the caller terminal la and the 
receiver terminal lb. Details of the fourth session table will 
be described later. 

The gateway 3 acquires the information necessary to relay 
communications between the caller terminal la and the receiver 

15 terminal lb from the gatekeeper 2. The gateway 3 also records 
the given acquired information in a third session table. The 
information stored in the third session table is similar to the 
information that the gatekeeper 2 has stored in the fourth 
session table, and the details will be described later. The 

20 gateway 3 relays communications between the caller terminal la 
and the receiver terminal lb based on this third session table. 
Further, when the gateway 3 gets a telephone call-ended 
notification from the gatekeeper 2 , it deletes the corresponding 
communications entries in the third session table. 
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Relay Routine 

(1) Premises 

Fig. 2 is an explanatory diagram of a relay routine that 
the gateway 3 carries out. A relay routine using voice packets 
5 in a voice stream process according to RTP/UDP is illustrated 
in the diagram. The IP addresses, sending ports, receiving ports, 
and session IDs that the relay routine requires for each terminal 
are as follows. Herein, "sending ports" are the numbers of the 
ports through which the terminals send packets. "Receiving 

10 ports" are the numbers of the ports through which the terminals 
receive packets. 

(1-1) Caller Terminal la 
IP address (a): Communications address for caller terminal la; 
Sending port (al): Port number caller terminal la uses in 

15 sending packets; 

Receiving port (a2): Port number caller terminal la uses in 
receiving packets; 

Session ID (si): Identification number specifying 
communications caller terminal la carries out with gateway 3 for 
20 communicating with receiver terminal lb. 
(1-2) Receiver Terminal lb 
IP address (b): Communications address for receiver terminal 
lb; 

Sending port (bl): Port number receiver terminal lb uses in 
25 sending packets; 



Receiving port (b2): Port number receiver terminal lb uses in 
receiving packets ; 

Session ID (s4): Identification number specifying 
communications receiver terminal lb carries out with gateway 3 
for communicating with caller terminal la. 

(1-3) Gateway 3 
IP address (c): Communications address for gateway 3; 
Sending port (cl): Port number gateway 3 uses for sending 
packets outside the firewall ("external sending-port number" 
hereinafter) ; 

Receiving port (c2): Port number gateway 3 uses for receiving 
packets from outside the firewall ("external receiving-port 
number" hereinafter); 

Session ID (s2): Identification number for specifying 
communications gateway 3 carries out with caller terminal la for 
relaying communications between caller terminal la and receiver 
terminal lb ("outside session ID" hereinafter). 
Sending port (c3): Port number gateway 3 uses for sending 
packets inside the firewall ("internal sending-port number" 
hereinafter) ; 

Receiving port (c4): Port number gateway 3 uses for receiving 
packets from inside the firewall ("internal receiving-port 
number" hereinafter); 

Session ID (s3): Identification number for specifying 
communications gateway 3 carries out with receiver terminal lb 



for relaying communications between caller terminal la and 
receiver terminal lb ("inside session ID" hereinafter). 
(2) Session Tables 

Fig. 3 is a conceptual explanatory diagram of first, second 
and third session tables for the caller terminal la, the receiver 
terminal lb and the gateway 3 . Fig. 3A is the first session table, 
which the caller terminal la retains. Fig. 3B is the second 
session table, which the receiver terminal lb retains. 
Referring to the first and second session tables, both the 
terminals la, lb perform packet transmission and reception. In 
a singe record both the tables store "caller IP," which is the 
IP address of caller terminal la, "receiver IP," which is the 
IP address of the receiver terminal lb, "session ID," "sending 
port," "receiving port," and "communications IP." 

The "communications IP" herein is the IP address of the 
partner terminal with which each terminal communicates directly. 
In this example, because the gateway 3 becomes the direct 
communications partner for the caller terminal la and the 
receiver terminal lb together, the communications IP is "c. " The 
"session ID" signifies both the session ID for their terminals 
and the session ID for the direct communications partner. The 
"sending port" signifies the direct-communication partner's 
sending-port number. The "receiving port" signifies the 
direct-communication partner's receiving-port number. 

For example, the external sending-port number "cl" and the 
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external receiving-port number "c2" for the gateway 3, which is 
the direct-communications partner for caller terminal la, are 
stored respectively as "receiving port" and "sending port" in 
the first session table. Likewise, the internal sending-port 
5 number "c3" and the internal receiving-port number "c4" for the 
gateway 3, which is the direct-communications partner for 
receiver terminal lb, are stored respectively as "receiving 
port" and "sending port" in the second session table. 

Fig. 3C is an explanatory diagram of the third session table, 

10 which the gateway 3 retains. Because the fourth session table, 
which the gatekeeper 2 retains, is also similar to the third 
session table, the third session table is explained herein. 
"Caller IP address," "receiver IP address," and "external 
information" pertaining to terminals outside the firewalls 4 and 

15 "internal information" pertaining to terminals inside, are 

stored in the third session table. The "caller IP address" and 
the "receiver IP address" are likewise as with the first and 
second session tables. 

The external information for the gateway 3 contains 

20 "external session IDs," "sending-port numbers" for outside 
terminals, "receiving-port numbers" for outside terminals, and 
"communications IP" addresses for direct-communications 
partner terminals that are outside the firewalls 4. "Internal 
session IDs," "sending-port numbers" for inside terminals, 

25 "receiving-port numbers" for inside terminals, and 



"communications IP" addresses for direct-communications 
partner terminals that are inside the firewalls 4, are included 
as the Jlinternal information. 1L 

Referring to this session table, the gateway 3 performs the 
5 relay routine set forth in the following. 
(3) Relay Routine Details 

The relay routine in the gateway 3, in which this 
information is utilized, will be explained next. The gateway 
3 receives a packet PI from the caller terminal la, and creates 
10 and transmits to the receiver terminal lb a packet P2 in which 
a portion of the packet PI information is rewritten. Likewise, 
the gateway 3 receives a packet P3 from the receiver terminal 
lb, and creates and transmits to the caller terminal la a packet 
P4 in which a portion of the packet P3 information is rewritten. 
15 Packets PI, P2, P3, P4, and packet rewriting are detailed below. 

(3-1) Packet Pi, Transmitted from Caller Terminal la to 
Gateway 3 

Caller terminal la creates packet PI based on the first 
session table, and transmits it to the receiver terminal lb. The 
20 following information is contained in packet PI. 
-Information Contained in Packet Pl- 

• IP-header destination IP address: IP address "c" for 
gateway 3 

• IP-header source IP address: IP address "a" for its 
25 terminal la 



• UDP-header destination port: gateway 3 external 
receiving-port number "c2" 

• UDP-header source port: sending-port number "al" for 
its terminal la 

5 • Data: session IDs "si" and "s2," as well as inputted 

voice data 

Having received packet PI, the gateway 3 recognizes, from 
the session IDs "si" and "s2" contained in the data segment of 
the packet Pi, that it is a communication between its terminal 

10 and the caller terminal la. Strictly speaking, the gateway 3 
recognizes from the given session IDs that the packet Pi is a 
communication between its terminal and the caller terminal la 
that is a portion of the communication between caller terminal 
la and receiver terminal lb. The gateway 3 thereafter searches 

15 the third session table, on the session IDs as keys, and reads 
out the internal information for the records hit. Based on the 
read-out information, the gateway 3 creates packet P2 out of 
packet Pi, and transmits it to the receiver terminal lb. 

(3-2) Packet P2 , Transmitted from Gateway 3 to Receiver 

20 Terminal lb 

Having received packet PI, the gateway 3 creates packet P2 
by rewriting, based on the third session table, the destination 
IP address, source IP address, destination port, source port and 
session ID in the packet Pi . The following information is 

25 contained in packet P2 . 



-Information Contained in Packet P2- 

• IP-header destination IP address: IP address "b" for 
receiver terminal lb 

• IP-header source IP address: IP address "c" for its 
terminal 3 

• UDP-header destination port: receiving-port number 
"b2" for receiver terminal lb 

• UDP-header source port: internal sending-port number 
"c3" for its terminal 3 

• Data: session IDs "s3" and "s4," as well as voice data 
in PI 

Having received packet P2 , the receiver terminal lb 
recognizes, from the session IDs "s3" and "s4" contained in the 
data segment of the packet P2 , that it is a communication between 
its terminal and the gateway 3. Strictly speaking, the receiver 
terminal lb searches the second session table on the given 
session IDs as keys and recognizes that it is data from the caller 
terminal la, relayed by the gateway 3. 

(3-3) Packet P3, Transmitted from Receiver Terminal lb to 
Gateway 3 

The receiver terminal lb creates and transmits to gateway 
3 packet P3, which contains input voice data. The following 
information is contained in packet P3 . 

-Information Contained in Packet P3- 

• IP-header destination IP address: IP address "c" for 



gateway 3 

• IP-header source IP address: IP address "b" for its 
terminal lb 

• UDP-header destination port: internal receiving-port 
5 number "c4" for gateway 3 

• UDP-header source port: sending-port number "bl" for 
its terminal lb 

• Data: session IDs "s3" and "s4," as well as voice data 
Having received packet P3 , the gateway 3 recognizes, from 

io the session IDs "s3" and "s4" contained in the data segment of 
the packet P3, that it is a communication between its terminal 
and the receiver terminal lb. Strictly speaking, the gateway 
3 searches the third session table with the session IDs as keys 
and recognizes that it is a packet from the receiver terminal 

15 lb addressed to the caller terminal la. The gateway 3 thereafter 
reads out the external information for the records hit as 
searching results. Based on the read-out information, the 
gateway 3 creates packet P4 out of packet P3 , and transmits it 
to the caller terminal la. 

20 (3-4) Packet P4 , Transmitted from Gateway 3 to Caller 

Terminal la 

The caller terminal la receives packet P4 from gateway 3. 
The following information is contained in packet P4 . 
-Information Contained in Packet P4- 
25 • IP-header destination IP address: IP address "a" for 
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caller terminal la 

• IP-header source IP address: IP address "c" for its 
terminal 3 

• UDP-header destination port: receiving-port number 
5 "a2" for caller terminal la 

• UDP-header source port: external sending-port number 
"cl" for its terminal 3 

• Data: session IDs "si" and "s2," as well as voice data 
in P3 

10 Having received the packet P4 , the caller terminal la 

searches the first session table based on the session IDs "si" 
and "s2," and recognizes that it is a packet from the receiver 
terminal lb, relayed by the gateway 3. 
(3-5) Effects 

15 Though a plurality of communications are allocated to 

common ports on the firewalls 4a, 4b utilizing this relay method 
the gateway 3 may administer each communication according to 
session IDs patched to each telephone call unit. Improvement 
in security and facilitation of maintenance are accordingly 

20 anticipated. Allocating to every communication session IDs 
unique respectively to all caller terminals la, receiver 
terminals lb, and gateways 3 enables interconnection with 
multi-stage communications relaying or a different kind of 
relaying technology. 
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Routine for Calling 

Fig. 4 is an explanatory diagram illustrating flow in a 
routine for calling. The sending-port numbers, receiving-port 
numbers, and session IDs are determined in this routine. In 
gross divisions this routine may be separated into the steps: 

(1) request from caller terminal la and session ID notification; 

(2) determination of gateway 3 session number; (3) determination 
of receiver-terminal lb session ID; and (4) reporting session 
IDs to the caller terminal la and gateway 3. Below, each step 
will be explained in turn. 

(1) Call Request from Caller Terminal la and Session ID 
Notification 

First, a call request from the caller terminal la is made 
to the gatekeeper 2 (#1). Prior to transmitting the request, 
the caller terminal la determines the sending port "al," 
receiving port "a2," and session ID "si," used in communicating 
with the receiver terminal lb. This information is reported to 
the gatekeeper 2 together with the given call request. 

(2) Determination of Gateway 3 Session Number 

The gatekeeper 2 receives the given call request and 
transmits an instruction on communications preparation to the 
gateway 3 ( #2 ) . The gatekeeper 2 reports to the gateway 3 the 
aforementioned IP address "a," sending port "al," receiving port 
"a2," and session ID "si" for the caller terminal la, together 
with this instruction. The gateway 3 receives the given 



instruction and these items of information (#3), and determines 
the port number and session ID for its terminal. Namely, the 
gateway 3 determines the external session ID "s2," external 
sending-port number "cl," external receiving-port number "c2," 
5 internal session ID "S3, " internal sending-port number "c3, " and 
internal receiving-port number "c4." Subsequently , the gateway 
3 reports the "cl," "c2," "s2," "c3," "c4" and "s3" information 
to the gatekeeper 2 (#4) . The gatekeeper 2 receives the external 
and internal port numbers and session IDs for the gateway 3 and 
10 stores them in the fourth session table (#5). 

(3) Determination of Receiver-Terminal lb Session ID 

Furthermore, the gatekeeper 2 transmits the call request 
to the receiver terminal lb (#6). Together with this request, 
the gatekeeper 2 reports the internal port numbers and the 

is session ID for the gateway 3 to the receiver terminal lb (#7). 
Namely, it reports the internal sending-port number "c3," the 
internal receiving-port number "c4," and the internal session 
ID "s3 . " The receiver terminal lb receives these, and determines 
its terminal port numbers "bl," "b2," and session ID "s4." 

20 Subsequently, the receiver terminal lb reports the determined 
port numbers and session ID to the gatekeeper 2 (#8). 

(4) Reporting Session IDs to the Caller Terminal la and Gateway 
3 

The gatekeeper 2 receives communication information for 
25 the given receiver terminal lb (#9), and reports to the caller 



terminal la the external port numbers and session ID for the 
gateway 3 (#10). Namely, the gatekeeper 2 reports the external 
sending-port number "cl," external receiving-port number "c2," 
and external session ID "s2" to the caller terminal la. Having 
5 accepted these the caller terminal la from then on carries out 
communications using session IDs "si" and "s2" with respect to 
the internal receiving-port number "c2" for the gateway 3 (#11) . 

Meanwhile, the gatekeeper 2 reports to the gateway 3 the 
aforementioned external information and internal information 

10 (#12) . Namely, the gatekeeper 2 reports the sending-port number 
"al," receiving-port number "a2" and session ID "si" for the 
caller terminal la, and the sending-port number "bl," 
receiving-port number "b2" and session ID "s4" for the receiver 
terminal lb to the gateway 3 . Having gotten these the gateway 

15 3 writes the received information into the third session table 
(#13 ) . The gateway 3 from then on carries out, based on the third 
session table, relaying of voice telephone call between the 
caller terminal la and the receiver terminal lb. 
Routine for Terminating Communications 

20 Fig. 5 is an explanatory diagram illustrating flow in a 

routine for terminating communications . Where a voice telephone 
call between the caller terminal la and receiver terminal lb is 
to be terminated, the following routine is carried out. Here, 
in this situation, for ease of illustration the case of a cut-off 

25 request from the caller terminal la side will be explained, but 
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a similar routine is carried out also when there is a cut-off 
request from the receiver terminal lb. In gross divisions this 
routine classifies into two steps: (1) cut-off for the caller 
terminal la and receiver terminal lb; and (2) cut-off process 
for the gatekeeper 2 and gateway 3. 

( 1 ) Cut-off for the Caller Terminal la and Receiver Terminal lb 

First, the caller terminal la transmits a cut-off request 
to the gatekeeper 2 ( #21 ) . This request is transmitted utilizing 
a TCP connection established for administrating voice 
communications held with the gatekeeper 2. Therefore, the voice 
communication that should be cut off from the TCP connection may 
be deliberately determined. Having accepted this gatekeeper 2 
transmits the cut-off request to the receiver terminal lb 
through a corresponding administration channel (#22, #23 , #24) . 
The receiver terminal lb thereby recognizes the communication 
termination. 

(2) Cut-Off Process for the Gatekeeper 2 and Gateway 3 

Furthermore, the gatekeeper 2 transmits the cut-off 
request together with the session IDs "si" and "s2" to the 
gateway 3 (#25, #26). The gateway 3 searches the third session 
table with, as keys, the session IDs contained in the cut-off 
request as keys. Further, the gateway 3 deletes from the third 
session table the entries hit resulting from the search (#27). 
Subsequently, the gateway 3 transmits a termination report to 
the gatekeeper 2 (#28). Having gotten this the gatekeeper 2 



likewise searches the fourth session table on the session IDs 
as a key, and deletes the hit entries (#30) . The telephone call 
by the caller terminal la and the receiver terminal lb is thereby 
terminated . 
5 Other Routines 

Here, in a situation in which the gateway 3 and gatekeeper 

2 are used in communications control, breakdown of one of the 
devices conceivable. In order to cope with this, the gateway 

3 and the gatekeeper 2 may establish a continual control 

10 connection, and an exchange of "keep alive" messages may be made 
at all times. If response from either to the keep-alive should 
cease for more than a fixed period, the devices may perform a 
process as follows . 

First, if the gatekeeper 2 detects that the gateway 3 is 

15 down, a telephone-call cutoff report is made to the caller 
terminal la and receiver terminal lb. Furthermore, the 
gatekeeper 2 sequentially deletes from the entries in the fourth 
session table the telephone call entry for the transmitted 
cutoff report. 

20 Meanwhile, if the gateway 3 detects that the gatekeeper 2 

is down, it deletes all the information in the third session 
table, and suspends packet rewriting. 

The foregoing routines, wherein VoIP terminals on the 
Internet and VoIP terminals on an Intranet are connected, while 

25 being that a plurality of communications are allocated to a 



common port, enable the communications to be distinguished, and 
improve security while maintaining voice quality. Because 
individual session IDs between the direct communications 
partner and, respectively, the caller terminal, relaying device 
and receiver terminal are utilized, this method is applicable 
to multi-stage communications relaying. Furthermore, the fact 
that each telephone call is specified by combining with a session 
ID facilitates voice communications among devices whose address 
information is indeterminate, as with telephone calls from 
devices having plural IP addresses. 
Other Embodied Examples 

(A) Fig. 6 is an overall conf igurational diagram of 
communications control system having to do with a second 
embodied example. Caller terminal la is on an Intranet 7 in this 
system, intranet 7 is connected to the Internet 5 via gateway 
8 and gatekeeper 9. Firewalls 10a, 10b are constructed virtually 
between Intranet 7 and the Internet 5 by the gatekeeper 9. 
Elements indicated in the figure with the same reference marks 
as in the aforementioned Fig. 1 function likewise as the in first 
embodied example. 

Routines that the caller terminal la, receiver terminal lb, 
gatekeeper 2 and gateway 3 carry out in this system are likewise 
as in the foregoing first embodied example. Nevertheless, the 
communications partners for the caller terminal la are when 
calling, the gatekeeper 9, and after start of communications, 



the gateway 8. Further, communication partners for the 
gatekeeper 2 and gateway 3 become when calling, the gatekeeper 
9, and after start of communications, the gateway 8. 

The gateway 8 carries out the same routines as the foregoing 
5 gateway 3. Nevertheless, the gatekeeper 9 instead of the 

gatekeeper 2, the caller terminal la instead of the receiver 
terminal lb, and the gateway 3 instead of the caller terminal 
la carry out communications. In other words, the gateway 8 
negotiates with the gatekeeper 9 during a call, and relays 
10 communications between the caller terminal la and gateway 3 
after start of communications. 

The gatekeeper 9 carries out the same routines as the 
foregoing gatekeeper 2. Nevertheless, the gateway 3 instead of 
the gateway 8 , and the receiver terminal lb instead of the caller 
15 terminal la carry out communications. 

(B) Fig. 7 is an overall conf igurational diagram of 
communications control system having to do with a third embodied 
example. Elements indicated in the figure with the same 
reference marks as in the aforementioned Fig. 1 function 
20 likewise as the in first embodied example. Intranet 7 having 
the caller terminal la, and Intranet 6 having the receiver 
terminal lb, are connected via communications terminals 11, 12 
and network 13 in this system. In this way, though the caller 
terminal la and receiver terminal lb are multi-stage connected 
25 via multiple communications terminals and a network, likewise 
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as in the foregoing first embodied example, the terminals report 
session IDs mutually among one other. Because every terminal 
transmits /receives each other's session IDs together with data, 
a plurality of communications may be supported on one port. 
5 (C) Programs for executing the foregoing method, and 

computer-readable recording media on which it is recorded are 
covered by the present invention. Flexible disks, hard disks, 
semiconductor memory, CD-ROMs, DVDs, magneto-optical disks 
(MOs) and other recording media for computer reading/writing may 

10 be cited. 

Utilizing the present invention, while heightening 
communications security in an inside network connected to an 
outside network, enables support of a plurality of 
communications between the outside network and the inside 

15 network. 

While only selected embodiments have been chosen to 
illustrate the present invention, to those skilled in the art 
it will be apparent from this disclosure that various changes 
and modifications can be made herein without departing from the 
20 scope of the invention as defined in the appended claims. 
Furthermore, the foregoing description of the embodiments 
according to the present invention is provided for illustration 
only, and not for the purpose of limiting the invention as 
defined by the appended claims and their equivalents. 
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